Tmp be owned by root?

re you looking to expand your knowledge base on how temporary files are handled in Linux? Well, to help you out, here is a quick and comprehensive read on everything you need to know about the Linux /tmp directory.

In this post, you will finally get the Linux root folders explained. You will learn how these folders are used by your Linux system and how you can use them.

When you open your file manager, you are usually located in your home directory. But if you go two levels up, you will see this set of directories:

All Linux Root Folders

This post exactly about all these directories. You can watch the video where these Linux root folders explained or continue reading below.

The /var/tmp directory is made available for programs that require temporary files or directories that are preserved between system reboots. Therefore, data stored in /var/tmp is more persistent than data in /tmp. Files and directories located in /var/tmp must not be deleted when the system is booted.

# ls -ld /tmp
drwxrwxrwt. 14 root root 4096 Feb 5 15:06 /tmp

# ls -ld /var/tmp
drwxrwxrwt. 8 root root 4096 Feb 5 15:06 /var/tmp

If you notice carefully, you can see an extra permission tsticky bit» permission. Many applications will show errors or fail if they are not able to write to /tmp with the appropriate permissions.

Any advice will be very appreciated.

asked Jun 17, 2010 at 14:48

1 gold badge5 silver badges12 bronze badges

answered Jun 17, 2010 at 14:58

1 gold badge21 silver badges26 bronze badges

Can a file be owned by nobody? What OS are you using?

Under Linux, /tmp is owned by root, is world-writable and has the sticky bit set. It means that anyone can create files but only the owner (or root) can remove them. It should be similar on most Unix systems, though.

answered Jun 17, 2010 at 14:55

3 gold badges20 silver badges24 bronze badges

Yes, it should be owned by root, but it should also be world writable with sticky bit, so that other programs can use it as a temp directory and files created there are owned by the creator. I’m not sure of the standard practice these days, but I would also recommend making /tmp its own partition, and not part of the root partition, so that if it gets filled up it doesn’t hose the root partition.

answered Jun 17, 2010 at 14:57

1 gold badge9 silver badges15 bronze badges

I wanted to check if my default Debian installation places /tmp in RAM or on the disk, but now am completely confused. Why would a non-existing device be reported as a filesystem type? What doe «mounted on /» mean?

Here is the output of mount:

The Filesystem Hierarchy Standard version 3.0 says:

Temporary files

The /tmp directory must be made available for programs that require
temporary files.

Programs must not assume that any files or directories in /tmp are
preserved between invocations of the program.

Rationale

IEEE standard POSIX.1-2008 lists requirements similar to the above section.
Although data stored in /tmp may be deleted in a site-specific manner, it
is recommended that files and directories located in /tmp be deleted
whenever the system is booted.

Temporary files preserved between system reboots

The /var/tmp directory is made available for programs that require
temporary files or directories that are preserved between system
reboots. Therefore, data stored in /var/tmp is more persistent than
data in /tmp.

Files and directories located in /var/tmp must not be deleted when the
system is booted. Although data stored in /var/tmp is typically
deleted in a site-specific manner, it is recommended that deletions
occur at a less frequent interval than /tmp.

TMPDIR
This variable shall represent a pathname of a directory made available for programs that need a place to create temporary files.

systemd has a say on this too:

/tmp/ and /var/tmp/ are two world-writable directories Linux systems provide for temporary files. The former is typically on tmpfs and thus backed by RAM/swap, and flushed out on each reboot. The latter is typically a proper, persistent file system, and thus backed by physical storage. This means:

If the $TMPDIR environment variable is set, use that path, and neither use /tmp/ nor /var/tmp/ directly.

See file-hierarchy(7) for details about these two (and most other) directories of a Linux system.

The paths can be queried with systemd-path:

$ systemd-path temporary
/tmp
$ systemd-path temporary-large
/var/tmp

FreeBSD, NetBSD, OpenBSD and DragonFly have something similar described in the hier(7) man page.

Distributions are different of course, but I’d expect temporary files to be managed automatically by the system out-of-the-box. They’d likely use either cron jobs or the systemd-tmpfiles-clean service. If you’re worried about disk space, this is a useful command to take a look at how much space each root folder is taking:

To see if your system is using the systemd service for managing temporary files, you can just try:

systemctl status systemd-tmpfiles-clean

Note that this service will exit as soon as it’s done with the clean-up. A timer service is responsible for regularly triggering it. You can check it with:

systemctl status systemd-tmpfiles-clean.timer

If you look again at the actual service responsible for cleaning the files, you’ll see that all it does is run:

So you could either run that command directly, or to do it properly, just do:

systemctl start systemd-tmpfiles-clean

Which will run the appropriate command for your system. However, you should be aware that this is not a «delete all temporary files now» command. There are several configuration files that control what actually gets deleted and when so that applications can individually configure their temporary files.

# Clear tmp directories separately, to make them easier to override
v /tmp 1777 root root 10d
v /var/tmp 1777 root root 30d

You could change those to a shorter time, if your system keeps running out of space, for example, to:

v /tmp 1777 root root 12h
v /var/tmp 1777 root root 1d

To be sure of what you’re doing, do man tmpfiles.d to read the manual. Again, I have found the approach presented here to be relevant on a CentOS (RedHat based) and an Ubuntu system, but I don’t know much about other distributions.

Noexec and /tmp Troubleshooting

1. # mkdir -p /root/chroot /root/tmp
2. # mount —bind / /root/chroot
3. # mount —bind /root/tmp /root/chroot/tmp
4. # chroot /root/chroot

In the first step, why did they create /root/tmp and not /root/chroot/tmp?

Does the first mount command affects the second one? On the second step they are binding the new directory /root/chroot to the root directory. Does that mean that on the third step /root/tmp actually points to /root/chroot/root/tmp ? Where does /root/chroot/tmp comes from? That’s the part I’m getting confused.

What’s the logic behind this?

asked Aug 29, 2014 at 19:48

Create directories to be used for chroot’ed environment. /root/chroot will be the root directory of your chroot’ed environment. /root/tmp will act as a /tmp directory of your chroot’ed environment.

This will make your / directory accessible via /root/chroot. Think about this as mirroring / directory on /root/chroot (even though it’s not really a mirror, it’s a pointer to /).

This will make your custom /root/tmp directory accessible via a /tmp directory of you chroot’ed environment. This way your chroot’ed environment will have it’s /tmp directory separated from system’s /tmp. If you skip this step then chroot’ed /tmp directory will point to your system’s /tmp directory.

Here you enter your chroot’ed environment.

Now your questions:

answered Aug 29, 2014 at 20:25

In step 2 you bind mounted / on /root/chroot.

If you create step 2.5 as ls /root/chroot you’ll find all the directories of / listed; including the system’s /tmp directory.

If you touch /root/chroot/test you’ll see that test is also in the output of ls /. If you rm /test you’ll notice that it’s also gone from /root/chroot/. So / and /root/chroot/ are exactly the same place.

If you want to look in slightly more detail, run stat / and then stat /root/chroot and you’ll notice that both return the same Inode. An Inode is a data structure that refers to a particular file/directory on the disk. As they both return the same Inode then both paths are pointing to exactly the same directory.

Step 3 therefore bind mounts the /root/tmp directory over the system /tmp directory within the already bind mounted /root/chroot.

answered Aug 29, 2014 at 20:27

4 gold badges92 silver badges101 bronze badges

/lost+found – Recovered Files

You will have this directory if you use the ext4 file system. Most of the modern Linux distros use ext4, so most likely you have this folder. This is a file system specific folder that is used for data recovery in case of file corruption. Unless something bad has happened, this folder should be empty on your system.

/lost+found recovery folder

This /lost+found folder is produced on every separate partition. So, if your /home folder is on a separate partition, you should have this /lost+found folder in your home directory too.

/media – Automatic mount point

This folder is used for automatic mounting of removable media such as USB drives, CD-ROM etc. For example, if your system is configured for automatic mounting, when you insert a USB drive it will be mounted to this folder.

/media auto mounting folder

/mnt – Manual mount point

The /mnt folder is similar to the /media folder, it is also used to mount devices, but usually, it is used for manual mounting. You, of course, can manually mount your devices to /media, but to keep some order in your system it is better to separate these two mounting points.

/mnt for manual mounting

/run – Early temp

The /run is a recently introduced folder that is actually a temporary file-system. It is used to store temporary files very early in system boot before the other temporary folders become available.

Early temp is on the /run folder

/etc – Configuration Files

The /etc folder comprises all system-wide configuration files and some shell scripts that are executed during the system boot. All files here are text files, so they are human readable.

The configuration files are in /etc folder

If you ever did any system-wide configuration, you probably edited some files here.

For example, there is /etc/fstab file that contains a table of storage devices and their mounting points.

/sbin – System Binaries

/sbin is for system binaries

/dev – Device Nodes

Here, I need to introduce another important concept of Linux – everything is a file. The /dev folder contains files for all devices your Linux is able to recognize.

The /dev folder is about Device Nodes

If you have some Linux experience, you may recall that when you mount a hard drive, you use a name such as /dev/sda1. The sda is the name of a first hard drive recognized by your Linux kernel and it is located in the dev folder. When the disk is mounted, you see it as a folder in that mounting point.

You can also find here USB devices, CPU etc.

/tmp – Temporary Files

This is just a place where programs store temporary files on your system. This directory is usually cleaned on reboot.

What is the Linux /tmp Directory?

The /tmp directory in Linux based systems contains necessary files that are temporarily required by the system as well as other software and applications running on the machine.

tmp directory on Pop!_OS (example)

For example, when you are writing a document, all the content inside that document is saved as a temporary file inside the /tmp directory. After you have saved it, it gets stored in your preferred location, and the temporary file gets removed once you exit the document.

What is the difference between the /tmp directory and the /var/tmp Directory?

Both /tmp and /var/tmp are used by programs as well as the system itself to store data temporarily. However, the key difference is for how long the data is stored inside these filesystems. The data retention period for /var/tmp is much more extended than that of the /tmp directory.

By default, all the files and data that gets stored in /var/tmp live for up to 30 days. Whereas in /tmp, the data gets automatically deleted after ten days.

Furthermore, any temporary files that are stored in the /tmp directory get removed immediately on system reboot. As such, the /var/tmp directory is used by programs to store data that needs to be preserved between reboots temporarily.

Can the Linux /tmp directory fill up?

The files and data that are stored inside the /tmp directory are only a few KB in size. It is doubtful, albeit possible, for the /tmp directory to fill up.

With more temporary files piling up in the directory, it is going to slowly eat up all the storage space, which is terrible news for the overall system health.

How to delete the files stored inside the /tmp directory?

Unless you know what you are doing, it isn’t recommended that you go around deleting the files inside the /tmp directory. These are important and required by the software running on your system. Removing them can potentially cause a system crash. Since the files and data stored in the /tmp directory get automatically deleted upon system reboot, it isn’t something you need to worry about actively.

However, as discussed earlier, for servers that run for months on end, it is necessary to clean up the temporary files from time to time before it floods the /tmp directory. To do this, we encourage you to take a more systematic approach instead of just deleting all the /tmp files by the bunch.

The correct way to delete Temporary Files and Manage the Linux /tmp directory

Secondly, you need a way to automate the /tmp directory clean up process as it is going to be impossible to search and routinely delete the temporary files manually.

Here is an example that you can try:

To run this script periodically, you will need to copy the above text in a file and make it executable. For this tutorial, we will be creating the file tmp.cleanup.sh.

Script for deleting /tmp files

$ crontab -e

This is going to open the crontab file in the editor. Next, you will need to copy and paste the given command in the editor and then save & exit.

Creating a /tmp file deletion crontab

This is going to run the script in /opt/scripts/tmp.cleanup.sh, every 6 hours, so you don’t have to worry about the /tmp directory getting flooded and eating up your system storage.

Of course, you are free to program the crontab to execute the script in any periodic interval you want. Here is an in-depth guide on how to create a crontab command to help you out.

I accidentally deleted the /tmp directory. Now what?

$ sudo mkdir /tmp
$ sudo chmod 1777 /tmp

$ ls -ld /tmp

Once you have checked everything is a-okay, you will need to reboot your system. This will ensure that the programs start using the newly created /tmp directory.

Wrapping Up

So that covers everything you need to know about the Linux /tmp directory. However, if you still have some burning questions that we left out from this read, then feel free to ask them down in the comments section. We will happily resolve it to help you develop a better understanding and appreciation for Linux.

/home – Users’ Folder

It is easy to guess from the name. This folder is needed to boot your system. It contains the Linux kernel, initial RAM disk image for drives need at boot time, and the bootloader.

In /boot you can found all necessary files to the system boot

I also would like to point out that within this boot folder, you can find the grub folder that contains grub configuration files.

If you read my Arch Linux post, you should remember than I used this command to generate the GRUB configuration file.

sudo grub-mkconfig -o /boot/grub/grub.cfg

The boot folder also contains the Linux kernel.

/srv – Service Data

This directory contains service files installed on your system. For example, if you installed a web-served on your Linux system, it will be located in this folder.

/srv is the services folder

/var – Variable Files

The /var contains files that are of variable content, so their content is not static and it constantly changes. For example, this is where the log files are stored. If you don’t know, a log file is a file that records all events happening in your system while it is running. These log files often help to find out if something is not working correctly in your system.

/var is the variables files folder

/root – Root Home

If you log in as a root, you will be located in this directory by default. This is a folder for private data and account specific setting of your root account.

/lib – Libraries

You already know the /bin directory that contains programs, this /lin folder contains libraries required by those programs from the /bin folder.

/lib is the Libraries folder

/usr – User Binaries

I would like to stop little more on sub-directories of this /usr folder.

/usr/bin contains the programs installed by your Linux distribution. There are usually thousands of programs here.

The libraries for this /usr/bin executables are located in the /usr/lib folder.

The /usr/local doesn’t have any programs by default, but if you compile and install a program system-wide it will be placed here.

/usr/local compiled program folder

Linux Root folders

I won’t use the terminal here and I will show you some visual presentation. But you are of course are encouraged to open the terminal and explore all these directories. Let’s get started.

/proc – Kernel Files

This is a virtual file-system maintained by the Linux kernel. Usually, you do not touch anything in this folder. It is needed only for the kernel to run different processes.

The folder /proc is for the Kernel files

/ – The Root

Everything begins in your system from this directory. All your folders, hard drives, USB drivers, everything is located in this root folder. You cannot go above this directory.

Also, the root directory is designated by the slash sign.

Root Folder Sign

This Linux Directory Structure may look like a mess, but believe me when you learn it, you will realize how much sense it makes.

How to set sticky bit on /tmp and /var/tmp directories

# chmod 1777 /tmp
# chmod 1777 /var/tmp

# chmod a+trwx /tmp
# chmod a+trwx /var/tmp

1 – This digit controls special attribute settings. the value 1 sets the sticky bit on the object/directory.

/bin – Binaries

The /bin folder contains programs that are essential for the system to boot and run. So, if you destroy this folder, your system won’t boot and run.

These programs are stored in the binary format. In other words, they are not in text format. You cannot open and read the content of these programs. The advantage of such format is that a computer can read and execute these programs very fast.

/opt – Optional Software

This folder is not essential for your system to work. Usually, it is used to install commercial programs on your system. For example, my Dropbox installation is located in this folder.

/opt is used for installing personal apps

Conclusion

Now you have some clue about all those folders in your Linux system.

Please, feel free to add anything in the comments bellow in case I missed something.